SlideShare a Scribd company logo
1 of 74
Download to read offline
Securing Your
Infrastructure
Privileged Identity Management and
Data Protection

Microsoft
Lieberman Software
Lumension
Introductions




Martin Buckley
System Center Strategic Alliances
Microsoft Corp
Martin.Buckley@microsoft.com
Agenda


• Introduction
• Infrastructure Security Challenges and the
  Business Impact
• Introducing Microsoft System Center
• Lieberman Enterprise Random Password
  Manager™ for System Center
• Lumension Device Control for System
  Center™
• Summary and Next Steps
Infrastructure Security Challenges


      Increased Access                 Increased Security
    Always on, always              Advanced, multi-level attacks
     connected                      Hacks motivated by criminal
    Demands for increased           profit
     access to information          Phishing and social
    Communicate with                engineering hacks wrapped in
     partners, employees, outs       technology
     ourcers, and customers         Need to secure new types of
    Regulatory requirements         devices and storage
     for transparency               Need to enforce and audit
                                     compliance

    Managing the tension between accessibility and security
Business Impact
What Can Our Integrated Security Solution Do For Your Business?



Keep Your IT Up and Running                    Protect Your Data
                                          Keep company data private and
Manage systems, data and devices
                                          secure by preventing common
    across the organization.
                                                    breaches.
Save time through increased system          Control and audit access to
    performance while enabling            privileged systems, devices and
  collaboration across boundaries.                  applications.

Reduce security risks by storing data        Be confident that sensitive
centrally on your company network.      information is treated with integrity.
                                           Improve data protection with
Store and back up data to eliminate
                                         consistent tools and processes to
       worry about data loss.
                                                protect vital assets.
Introducing Microsoft System Center
Martin Buckley, Strategic Alliances – System Center -
         Management & Services Division
Industry Trends
 Macro Trends                     Current Indicators
Virtualization Acceleration • #1 CIO priority in 2008 (up from #17)


      Compliance            •   CIOs expect 10% of IT budget to be dedicated to compliance



IT Service Management       •   IT orgs can currently only correlate 30% of IT alerts to business problems



    Anywhere Access
                            •   Converged mobile phones (Smartphones) growing
                                two times faster than mobile PCs
                                                                                                      22% New

  Software as a Service     •   >1/3 of TDMs interested in using SaaS to support
                                customer-facing business processes
                                                                                          78% Maintenance

 Data Center Build Outs     •   74% of enterprises mandate all servers
                                must reside in the data center

      Implication           •   78% of IT budgets spent on maintenance activities, trends increase pressure
System Center Solutions: People, Process, & Technology

                 Management Packs        Connectors for Interoperability
Knowledge




                 Solution Accelerators   Microsoft Operations Framework
                                         (MOF/ITIL)

                  Partner Ecosystem
                                          Microsoft Consulting Services
                                                                           Data Center
                                                                           Management




                                                                                              Solutions
Products




                                                                           Desktop & Device
                                                                           Management
Infrastructure




                 Windows Platform

                             Virtualization Technology

                                                   Open Standards
                                                                            Mid-Market
Virtualization
Managing a virtualized infrastructure with a common management platform




                                         Profile
                                      Virtualization
                                 Document redirection
                                     Offline files
    Presentation                                                        Server
    Virtualization                                                   Virtualization




                       Desktop                      Application
                     Virtualization                 Virtualization
Data Center Management Solutions

Configuration     End to End              Server             Data Protection
Management        Monitoring            Compliance            and Recovery




                                                              Business Continuity
 Automated        Proactive Platform   Configuration
                                                              Through
 Provisioning     Monitoring           Controls and
                                                              Virtualization
 and Updating     Application &        Reporting
                                                              Mgmt
 of Physical      Service Level        Centralized
 and Virtual                                                  Backup
                  Monitoring           Security Auditing
 Environments                                                 and Recovery of
                  Interoperable        Comprehensive          Physical and Virtual
 Server           and Extensible       Security & Identity    Resources
 Consolidation    Platform             and Access Mgmt
 Through                                                      Disaster Recovery
 Virtualization
Configuration Management
Automated provisioning and server consolidation through virtualization



               •   Power, space and maintenance costs
Challenges         forcing more efficient use of resources
Addressed      •   Dispersed servers and applications difficult
                   to manage and update



               •   Manage virtual machines to consolidate
                   physical servers
Key            •   Provision operating
Capabilities       systems, applications, and patches in the
                   data center




                        ―We understood that if we consolidated servers we would reduce
                        energy consumption. [System Center is a] one-stop, single-point
                        approach to managing hundreds of Virtual Server–based virtual
                        machines and all the hosts, while also easily performing physical-
                        to-virtual migrations.‖
                                      - Jason Foster, Systems Architect Sr. Manager of Technology, Continental
End to End Monitoring
Proactive platform, application and service-level monitoring



               •   IT services, applications and
Challenges         servers must run smoothly
                                                                       ERP Application
Addressed      •   Increasing pressure for service
                   levels that ensure optimal
                   uptime and responsiveness

               •   Proactively monitor                     Databases         Servers          Web Servers
                   availability, performance and
                   configuration across
                   heterogeneous platforms
Key
Capabilities   •   Perform deep application and          Order Tracker DB   DN-App1      OTW-IIS-01   OTW-IIS-02
                   service-level monitoring



                        ―I can provide our system administrators with more in-depth monitoring and
                        more explicit alerting. We can configure server reports to show downtime
                        warnings, downtime events, and the start time and end time of every
                        occurrence. We can also quickly learn why a server experienced
                        downtime—whether it was a power outage, a hardware or software
                        malfunction, or a server maintenance issue.‖
                                     Paul Johnson, Windows Monitoring Architect & Systems Engineer, Gates Corp
Server Compliance
Configuration controls and centralized audit of system security



               •   Increasing compliance and audit requirements
Challenges         associated with business policies and regulatory
                   requirements
Addressed
               •   Security pressures in the data center


               •   Create, maintain and report on configuration
                   controls for the data center environment

Key            •   Gather and report security related events
Capabilities   •   Manage identities and access and improve
                   security in the data center



                        ―SAS 70 is a huge initiative for us with regard to our data centers and all of
                        our applications, and SOX is obviously important as well. With [System
                        Center] my team has reduced the amount of time that we spend collecting
                        security log information. For example, we just completed an investigation
                        and pulled the security report in less than 5 minutes. In the past it would
                        have taken days.‖
                                                 Jeff Skelton, Manager, Enterprise Management Center, Stewart
Data Protection and Recovery
Backup & restore and business continuity through virtualization mgmt


                                                                                              Backup and Restore
               •   High availability and business continuity needed
Challenges         to meet service levels and optimal uptime
Addressed
               •   Simple disaster recovery and backup &
                   restoration of data and information


               •   Dynamically replicate and move virtual
                   machines and applications to distribute
                   workloads in the event of an outage
Key            •   Recover and restore the physical and
Capabilities       virtual environments in the data center
                   through continuous data protection                      Data Center A



                                                                                                  Data Center B



                        “We really liked the looks of [System Center] for three key reasons, its disk-
                        to-disk-to-tape design, the fact that we could eliminate full backups
                        altogether and simply take snapshots, and its disaster recovery features.‖
                                                   Ed Olson, Lead Windows Infrastructure Engineer, AutoNation
Desktop Management Solutions
Streamlined Application     Optimized Client Health       Ease User Access Without
 and Desktop Delivery          and Performance                  Compromise




 Adaptive Application         Client Infrastructure          End-Point Security
      Delivery                     Monitoring                  Management
 Managed client               Client health monitoring      Enforced compliance with
 application delivery via     and proactive issue           system health policy
 traditional and virtual      identification                definitions via remediation
 methods

 Simplified Windows         Remote PC Diagnostics &            Configuration
  Vista Deployment                  Repair                      Compliance
 Automated OS                 Zero-touch remote             Assess systems
 deployment via image         diagnosis and remediation     compliance against
 standardization              with Intel® vProTM            established configuration
                                                            baselines
Adaptive Application Delivery
Managed client application delivery via traditional and virtual methods



               •   Application compatibility and run time conflicts
                   complicate deployments and regression testing                                 Data, User
Challenges                                                                                        settings
Addressed      •   New delivery models make asset inventory and
                   reporting difficult                                          Application      Application


               •   Natively deploy virtual applications to reduce or
                   eliminate runtime conflicts
                                                                                                OS
Key            •   Separate user state from computer
                   hardware, OS, application data and user
Capabilities       settings for anywhere access
                                                                                                Hardware
               •   Centrally manage traditional, virtual and
                   streamed applications from a single console



                        “We have significantly accelerated the testing of new programs by using
                        virtualization. There are no more installs, and virtualized programs have no effect on
                        the operating system or other applications.”
                             - Frank Walburg, Department Manager of Desktop Software Services, BASF IT Services
Simplified Windows Vista/7 Deployment
Automated OS deployment via image standardization



               •   Multiple hardware, OS and application
                   configurations cause costly deployments
Challenges
Addressed      •   Offline and low bandwidth environments
                   make automated deployment methods
                   less effective

               •   Streamline Windows Vista deployment
                   planning thru hardware assessment and
                   application compatibility testing

Key            •   Standardize on a single hardware
Capabilities       independent image to reduce OS
                   deployment complexity

               •   Deployment support for highly
                   distributed environments

                        “Deploying a new infrastructure and installing operating systems, applications, and
                        drivers on thousands of computers across 50 locations and several countries, all
                        within a year, is a massive task…we’re succeeding—and Configuration Manager is
                        an essential part of our success.”
                                                      -- Poul Westmose, Chief Technology Officer, DONG Energy
Client Infrastructure Monitoring
Client health monitoring and proactive issue identification


               •   Majority of hardware, application and OS
                   crashes unreported until large number of
Challenges         end users impacted
Addressed
               •   Configuration and user setting changes
                   impact performance and security standards

               •   Proactively monitor and identify OS, application
                   and hardware issues to minimize support costs
                   and impact to end-user productivity
Key            •   Report on configuration compliance and
Capabilities       collective system health to identify trends

               •   Improve reliability and security by reducing
                   configuration drift



                        “We catch problems before our users see them. That’s a significant way to
                        contribute to our mission.”
                                                                  - Xavier Coppin, Systems Engineer, Skyguide.
Remote PC Diagnostics and Repair
Zero-touch remote diagnosis and remediation with Intel® vProTM



               •   Troubleshooting and repairing PCs is mostly a
Challenges         manual and costly effort
Addressed      •   PCs that are powered off or that won‟t boot
                   cannot be diagnosed or repaired


               •   Accelerate problem resolution time with
                   diagnostic, configuration and performance
                   monitoring tools
Key            •   Reduce onsite service calls with zero touch
Capabilities       remote management, including PCs that
                   won‟t boot or are powered off




                        “Having the ability to wake devices up and run updates via a standard
                        technology…will only enhance the security posture that the VA has been working to
                        meet”
                        - Charles de Sanno, Executive Director of Enterprise Technology and IT Engineering, Veterans
                                                                                                 Affairs Department
End-Point Security Management
Enforced compliance with system health policy definitions via remediation



               •   Mobile and distributed users present                                                               Policy Servers
                                                                                                                      e.g.., Patch, AV
Challenges         unique network security and
                   compliance challenges                                                     Microsoft
Addressed                                                                                     NPS            3
               •   Must identify vulnerabilities, enforce
                   policies and remediate threats                                                        Not policy
                                                                                                         compliant                       5
                                                                                                                                  Remediation
               •   Provide secure access across your                                     2
                                                                                                                 Restricted
                                                                                                                 Network
                                                                                                                                    Servers
                                                                                                                                         e.g.,Patch
                   remote, LAN and wireless connections                                           Policy
                                                                                                compliant


Key            •   Automatically assess vulnerabilities
                                                                                                         4
                   and security compliance                              DHCP, VPN
Capabilities                                                             Switch/Router
                                                                                                             Corporate Network
               •   Enable automatic enforcement and
                   remediation of security parameters to
                   ensure ongoing compliance



                        “We envision an IT environment that’s easy to maintain, with computers that
                        automatically download updates and other required software every time they boot
                        up, from the first day they’re on the network”
                                                            - Noah Johnson, Senior Systems Engineer, Freightliner
Configuration Compliance
Assess systems compliance against established configuration baselines


               •   Misconfigured desktops represent
                   compliance and security risks
Challenges
Addressed      •   Desktop configuration drift (settings
                   changes, account permissions, etc.) from
                   multiple administrators changing policies

               •   Create, maintain and report on
                   configuration controls for your
                   desktop environments
Key            •   Automate process for desired
Capabilities       configuration management

               •   Utilize best practices built directly
                   into the solution



                        “We’ll have our first-ever 100 percent compliance and lock-down, which translates
                        into greater reliability and availability, better helpdesk operations, and faster and
                        smoother updates and deployments, because we’ll be building on up-to-date, same-
                        state servers, workstations, and devices.”
                                                                    - Richard Page, IT Project Manager, Shoprite
Core Infrastructure Optimization
       Basic                Standardized           Rationalized           Dynamic




Uncoordinated, manual         Managed IT            Managed and        Fully automated
    infrastructure        infrastructure with      consolidated IT       management,
                          limited automation     infrastructure with   dynamic resource
                                                maximum automation      usage, business
                                                                          linked SLA‟s



                                         Dynamic IT
    Cost Center            More Efficient       Business Enabler       Strategic Asset
                            Cost Center

                        Manage Complexity and Achieve Agility
Managing Complexity
 Customer success stories

            Basic              Standardized                    Rationalized                      Dynamic


                                       Simplified Vista                       Server Consolidation
    Data Protection and                  Deployment
         Recovery                    Danish
                                              Saved $500K in              Reduced server costs
                                     Foreign                              by $2M per year
             Reduced back-up                  deployment costs
                                     Ministry
             times by 50%




Configuration Management          Configuration Management                      Client Infrastructure
                                                                                    Monitoring
                                                                                        Cut helpdesk
                                  MEGA PHARMA                                           costs by 35%
Cut update time by 90%            Cut deployment time by 73%




                                           Dynamic IT
Dynamic IT Management
    •   Use knowledge-             •   Improve visibility and
        based, automated in-line       control through
        tasks to deliver               integrated management
        rapid, high quality
        service                    •   Manage multi-hypervisor
                                       technologies and
    •   Maximize the use of the        monitor cross-platform
        IT department’s existing       environments
        Windows Server
        expertise




•   Out of the box, build on       •   Reduce complexity
    deep domain knowledge              through seamless
    from both Microsoft and            management of logical IT
    our strong partner                 environments
    community
                                   •   Manage your virtual
•   Implement templated                environments down to the
    best practices through             application level
    Solution Accelerators
Enterprise Random Password Manager
    Philip Lieberman, President and CEO
Who We Are: Lieberman Software

• Privileged Identity Management Software for
  Windows and the Cross-Platform Enterprise
• HQ in Los Angeles with marketing and
  support office in Austin
• Privately Owned, Profitable, 100% USA-based
• Followed by Gartner, Forrester, 451 Group,
  Kuppinger-Cole (EMEA)
• Technical partnerships include: Microsoft,
  Oracle, HP, IBM, EMC/RSA, Novell, Red Hat,    1900 Avenue of the Stars, Los Angeles

  BMC Software, nCipher                                 Headquarters Office



• Over 900 Enterprise Customers in every
  industry, in all regions of the world
Privileged Accounts: What Are The Risks?


• Do you know where all of your   • Who is sharing credentials?
  privileged accounts are?          Are they accountable?
• Do the wrong people have        • Will you pass your next IT
  access to sensitive data?         audit?
• Are privileged accounts being   • Will your passwords fail to
  used for tasks that don’t         withstand dictionary and social
  require them?                     attacks?
Privileged Accounts: Mitigating The Risks

•   Identify and document critical IT assets, their privileged accounts and
    interdependencies.
•   Delegate so that only appropriate personnel can access privileged
    accounts in a timely manner, using the least privilege required, with
    documented purpose, during designated times.
•   Enforce rules for password strength, uniqueness and change
    frequency, synchronizing changes across dependencies.
•   Audit and Alert so that the requesters, purpose and requested
    duration are documented and management is made aware of unusual
    access and other events.
Protecting Corporate Assets
     Datacenter Deployment
Datacenter Deployment


      New servers and applications
       have been deployed in the
              datacenter.




The team must confirm that all
 privileged accounts on these
    systems are secured as
    required by compliance
          standards.
Datacenter Deployment


       You launch Enterprise
        Random Password
             Manager…




…and verify in the Windows Systems
   View that ERPM has already
     discovered these systems.
Datacenter Deployment




   You switch to the Account Store      Discovered accounts include
 View, expand a node for one of the       Windows Administrator
   new servers, and view all of the       accounts and privileged
 privileged accounts detected on the   accounts used by services and
               system.                         applications.
Datacenter Deployment




You right-click a local Administrator account on
  the server and choose Properties from the
                  context menu.
Datacenter Deployment




 The Properties window confirms that Enterprise
Random Password Manager has already deployed
          new password credentials.
Datacenter Deployment




               Now authorized personnel can get privileged
                access to these servers by clicking Favorite
               Tasks in the SCOM / SCCM Computers node.
Datacenter Deployment

 Privileged access is granted through permissions already configured in
           the company’s Role-Based Access Control system…




    … and when an IT staff member clicks Recover….
Datacenter Deployment




   … he is prompted to type the reason for the
password recovery request so there’s an audit trail.
Datacenter Deployment


         A password is then provided through the
         SCOM /SCCM interface for one-time use.




Immediately after use, the password will be changed
   according to the company’s configured policy.
Results


• You now have an authoritative list of privileged
  accounts on the new servers.
• The account credentials are secured and will be
  changed according to a schedule policy.
• Authorized IT staff can quickly access these
  systems without taking authorizers’ time.
• All requests for privileged access are audited.
• Your team meets its mandate to secure the
  newly-deployed hardware.
Making IT Staff More Efficient
      Preparing for an IT Audit
Preparing for an IT Audit



           IT staff have limited time
            to prepare for a critical
                      Audit.




       The requirements list
             is long…
Preparing for an IT Audit

IT staff must show that:*
1. Administrator passwords are changed every 90 days.
2. There are no group, shared, or generic privileged accounts or passwords.
3. Access rights are restricted to least privileges required.
4. Inactive privileged accounts are removed or disabled every 90 days.
5. Privileged access is immediately revoked for all terminated users.
6. All system components are covered by password security policies.
7. Vendors’ remote maintenance accounts are
   enabled only during time periods needed.
8. All vendor-supplied passwords are
   changed before systems are deployed.
9. Automated audit trails are implemented for
   all system components.
                         *Typical   PCI DSS requirements
Preparing for an IT Audit




 You launch Enterprise
  Random Password
       Manager…




        First, let’s prove that all
     privileged account passwords
     are changed at least every 90
                    days.
Preparing for an IT Audit



 … and open the
    Windows
Accounts View to
   see a list of               Views can also be sorted by
    privileged                    system name, account
   passwords,                        name, and so on.
 sorted by age.




  You then click
  Compliance...
Preparing for an IT Audit




    … to create an HTML-
formatted report that shows
  the last password change
 date for all systems on your
           network.



  You’ve documented that
    ERPM is changing all
    privileged passwords
   according to regulatory
        requirements.
Preparing for an IT Audit

         Next, let’s prove that there are
          no group, shared, or generic
             privileged accounts or
         passwords on your production
                     network…

  … that no systems fail to
   comply with regulatory
 requirements for privileged
        passwords…

    … and that any vendor-
 supplied passwords on newly-
     deployed systems or
    applications have been
   discovered and changed.
Preparing for an IT Audit


                    With a few more clicks, you create a new report
                    showing a total of 19 systems on your network
                        that don’t have unique, complex, and
                      frequently changed privileged credentials
                                 enforced by ERPM.




Fortunately these
    are all lab
 systems, not on
 the production
  domain, that
  don’t need to
     comply.
Preparing for an IT Audit



        Next, let’s document that IT
          personnel are accessing
       privileged accounts on a need
               to know basis.




      This is a common
    requirement of many
    regulatory standards.
Preparing for an IT Audit




Start by choosing whether to
      create a report by
 account, system, or user...
Preparing for an IT Audit

   This report shows the
  history, by user, of every
    password check-out
           request.




          It shows the
day, time, system, account, and
 stated purpose to verify the
      need for each access.
Preparing for an IT Audit


ERPM also manages and
 reports user access by
   Remote Desktop
     Connection.




  This feature is commonly
         used to grant
 temporary, audited access
to vendors and contractors.
Results


• The organization demonstrates that it has
  auditing controls in place to manage
  privileged access.

• Preparations for IT audits are completed far
  more efficiently.

• Audit results are far more predictable.
ERPM for Systems Center Ops Manager

Internal & External Credential Use Management
•   Inventories all SCOM credential usage
•   Continuously updates/randomizes credentials on all
    external systems, devices and applications so there is
    no common credential for access to all systems
•   Propagates new passwords back to SCOM “Run As”
    accounts, agents, services, etc.
•   SCOM “Run As” accounts maintain access to cross-
    platform and un-trusted systems
•   Access credentials in SCOM and components are
    updated in compliance with IT regulatory mandates
•   No more manual updating of systems, agents and
    services
ERPM for System Center Config Manager

Fire Call Password Retrieval in SCOM/SCCM
• An Agent-less process deploys
  unique, frequently changing administrator / root
  account passwords to all machines
  (Windows, Linux, UNIX, appliances, etc.)
• No one knows current administrator / root
  passwords until they’re retrieved through
  audited check-out
• Role-based approvals expedite the password
  retrieval process
• Retrieved passwords are time-limited
• Activity and operations reports are accessible
  through a web-based console
Lumension
Device Control for
 System Center TM
Lumension‟s History



                                             Established: Sept „07




Founded in 1991         Acquired: Feb „07               Acquired: July „07      Acquired: April „09

 Market-leading           Enterprise-class                Market-leading        Compliance and Risk
 patch management         vulnerability                   device and            Management.
                          management                      application control
 First cross-platform                                                           Delivering predefined
 and application          First credentialed              First to introduce    compliance and
 patch management         based vulnerability             whitelisting /        control frameworks
 solution                 scanner                         patented file
                                                          “shadowing”
                                                          technology
Worldwide Presence & Recognition

Offices Worldwide                           Strong Partner Base (400+ Worldwide)
More than 5,100 customers in 68 countries   Award-Winning
Strong Microsoft Partner

Lumension is a Long-term Microsoft Gold Partner
   • Both PatchLink and SecureWave held Gold Partner status
   • Lumenion has continued Gold Partner status
   • Competencies:
       • Advanced Infrastructure Solutions
       • Data Management Solutions
       • ISV/Software Solutions

System Center Alliance Member
   • Announcement forth coming

US ISV Managed Partner Program

Product line built on Microsoft Technologies:
   • Primary development environment - TFS
   • Products developed/delivered on Microsoft Technology:
       • Microsoft .NET
       • Microsoft Server
       • Microsoft SQL Server
Lumension Solution Portfolio


                                                                Lumension®
     Solutions




                 Lumension®              Lumension®                        Lumension®                    Lumension®
                 Vulnerability           Endpoint                          Data Protection               Compliance and
                 Management™             Protection                                                      Risk Management



                  Lumension® Patch and   Lumension® Application             Lumension® Device
                  Remediation            Control                            Control                      Lumension® Risk Manager
                  (PatchLink Update)     (Sanctuary Application Control)    (Sanctuary Device Control)


                  Lumension® Scan
     Products




                  (STAT Scan)                                               PGP®
                                                                                                          Lumension® Enterprise
                                                                            Whole Disk Encryption
                  Lumension® Security                                                                     Reporting
                                                                            (Resell)                      (PatchLink ERS)
                  Configuration
                  Management
                  (PatchLink SCM)
                                                                            Lumension® Device
                  Lumension® Content                                        Control for System
                  Wizard                                                    Center
                  (PatchLink PDK)




60
Lumension Solution Portfolio


                                                                Lumension®
     Solutions




                 Lumension®              Lumension®                        Lumension®                    Lumension®
                 Vulnerability           Endpoint                          Data Protection               Compliance and
                 Management™             Protection                                                      Risk Management



                  Lumension® Patch and   Lumension® Application             Lumension® Device
                  Remediation            Control                            Control                      Lumension® Risk Manager
                  (PatchLink Update)     (Sanctuary Application Control)    (Sanctuary Device Control)


                  Lumension® Scan
     Products




                  (STAT Scan)                                               PGP®
                                                                                                          Lumension® Enterprise
                                                                            Whole Disk Encryption
                  Lumension® Security                                                                     Reporting
                                                                            (Resell)                      (PatchLink ERS)
                  Configuration
                  Management
                  (PatchLink SCM)
                                                                            Lumension® Device
                  Lumension® Content                                        Control for System
                  Wizard                                                    Center
                  (PatchLink PDK)




61
The Borderless Enterprise


                            Data has moved beyond the
                                enterprise firewall:
                              Laptops / Home Offices
                             USB Sticks / WiFi / VPN
                                   and more…
Consumerization of IT
Increasing Internal Risk

Insiders have direct access to
                                        70% of all serious incidents
your most sensitive data                  are sparked by insiders.
                                             IDC Worldwide Security Products and Services
                                                                  2007 Top 10 Predictions




 Lost Laptops             Disgruntled             P2P File Sharing
  & Devices               Employees                  Software


48% of users utilize company tools for personal usage.
Business Challenges

              Minimizing Data Leakage Risk: Data Leakage
                via internal and/or external sources, be it
                accidental or intentional, is the biggest
                gap.

              The Cost of Compliance: Bewildering array of
                National, State and Industry laws and
                regulations with costly Data Protection
                implications.

              Enabling Productivity: Data sharing via
                removable devices enables cost-cutting
                measures but is a risk that can’t be ignored.
Lumension Data Protection

     Policy-Based, Encryption-Enabled Data Protection.
• Protect Data from Leakage and Theft: Enforce
  usage policies for all removable devices and
  media.
                                                    Lumension
                                                    Data Protection
• Increase Data Security: Define forced
  encryption policy for data flows onto removable
                                                     Lumension Device Control (LDC)
  devices / media. Flexible exception management.

• Improve Compliance: Policy-enforced
  encryption on removable devices to ensure that     Lumension Device Control
  data cannot be accessed if removable devices or    for Microsoft System Center
                                                     (DCSC)
  media are lost or stolen.

• Continuous Audit Readiness: Monitor all device
  usage and data transfers. Track all transferred
  files and content. Report on all data policy
  compliance and violations.
Lumension Data Protection: Key Features
Automates discovery of peripheral devices
Always-on policy, centrally managed, kernel based driver
Provides granular device control permission settings
    • By user, group, computer
Flexible and powerful encryption options
White-list allowable devices
    • By make, Serial Number, etc
    • Control Thumb Drives, iPods, Blackberrys, CD/DVD,…
Delivers detailed audit capabilities
    • Patented bi-directional “Shadowing” of data written to/from a device
    • All device access attempts
    • All administrator actions
    • Exact contents of file(s) copied/compromised.*
Multiple hardware partnerships
Why Customers Choose Lumension

Tried and Proven: Over 1500 customers and 2
    million licenses of Device Control Software
Policy Enforcement: Highly granular policies
   enforced via kernel-level driver, whether on
   or off line
Encryption: Centrally encrypt removable
   devices/media or force users to encrypt
   devices/media to ensure that data cannot
   be accessed if removable devices/media
   are lost or stolen.
File Shadowing: Keep a copy of every file that
    is transferred to or from removable devices
    / media using patented bi-directional
    shadowing technology. *
Scalability: Scalable deployment to an entire
   network with tamper-proof agents on
   every endpoint.
 * Future capability for Device Control for System Center
Device Control for System Center (DCSC)

Implementation of Lumension Device Control on Microsoft System Center Configuration
Manager (SCCM) platform
   • No stand-alone LDC server/console required

Provides market-leading LDC technology for SCCM customers:
   • Advanced management of all endpoint ports and removable devices/media
   • Policy based data encryption enforcement on devices/media
   • Endpoint protection from malware on devices/media

Leverages key System Center technologies
   • SCCM Console (MMC, UI, workflow)
   • SMS (agent/policy deployments)
   • WMI (monitoring and report information)

First and only Device Control for SCCM

Currently at Release Candidate 1 (RC1)
    • GA Announcement: TechEd Europe (09Nov2009)
DCSC Value to Microsoft System Center Customers


     Leverages SCCM                   Extends SCCM
      Eliminates costs of stand-       Enforce data/port policies
      alone DC point solution          for removable devices

      Accelerates deployment of        Enforce data encryption
      DC security/audit benefits       policies on range of devices

      Aligns with existing SCCM        Prevents malware intrusion
      environment                      via removable media



                                   • Decreased IT complexity
                                   • Security-Optimized Infrastructure
                                   • Increased ROI for System Center


70
Summary and Next Steps
Microsoft, Lieberman, & Lumension

     Compliance and Data Protection


     Privileged Identity Mgmt            Data Leakage Prevention
     • Shared password account mgmt      • Granular device/port control
     • Protects policy mgmt privileges     policies prevent data leakage

                Enterprise Random                   Device Control for
                Password Manager                    System Center
Overcome Infrastructure Security Challenges

         Mitigate security risks        Create automated, audited
            from hackers or              processes to increase IT
         unauthorized intruders              staff productivity
 Ensure compliance         Protect against data        Leverage existing IT
with privacy mandates          loss, theft or           infrastructure with
     like PCI DSS               corruption             superior integration




        …while continuing to provide high quality, uninterrupted service.
Next Steps

• Discussion – to better understand your needs
• Discovery – to better understand your infrastructure
• Demonstration – to show you Microsoft System Center, Enterprise
  Random Password Manager ™ and Lumension Device Control for
  System Center™
• Evaluation – to install and evaluate the software at your site
• Proof Of Concept – to test the products in-house
• Contact us!
Thank You!

More Related Content

What's hot

4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User Experience4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User ExperienceeG Innovations
 
Ensure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View DeploymentsEnsure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View DeploymentseG Innovations
 
Monitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOMMonitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOMeG Innovations
 
Bus Tour Windows 7 Deck (Full)
Bus Tour   Windows 7 Deck (Full)Bus Tour   Windows 7 Deck (Full)
Bus Tour Windows 7 Deck (Full)Stephen L Rose
 
My Application is Slow | Best Practices for Troubleshooting and Prevention
My Application is Slow | Best Practices for Troubleshooting and PreventionMy Application is Slow | Best Practices for Troubleshooting and Prevention
My Application is Slow | Best Practices for Troubleshooting and PreventioneG Innovations
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldQuest
 
Ensuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementQuest
 
World Wide Technology Tec37 Webinar - Deploy and Manage Windows 10 at Scale v1
World Wide Technology Tec37 Webinar -  Deploy and Manage Windows 10 at Scale v1World Wide Technology Tec37 Webinar -  Deploy and Manage Windows 10 at Scale v1
World Wide Technology Tec37 Webinar - Deploy and Manage Windows 10 at Scale v1World Wide Technology
 
How to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationsHow to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationseG Innovations
 
Novell Service Desk overview
Novell Service Desk overviewNovell Service Desk overview
Novell Service Desk overviewJon Giffard
 
A Better Solution Limited Corporate Presentation
A Better Solution Limited Corporate PresentationA Better Solution Limited Corporate Presentation
A Better Solution Limited Corporate PresentationRobert Atkins
 
Novell service desk gwava con
Novell service desk gwava conNovell service desk gwava con
Novell service desk gwava conGWAVA
 
VMware End-User-Computing Best Practices Poster
VMware End-User-Computing Best Practices PosterVMware End-User-Computing Best Practices Poster
VMware End-User-Computing Best Practices PosterVMware Academy
 
E G Innovations Vdi Monitoring
E G Innovations Vdi MonitoringE G Innovations Vdi Monitoring
E G Innovations Vdi MonitoringElisaBerneyBrown
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Kenneth de Brucq
 
Cisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaperCisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepapershankar Psschiatanya
 
Windows 7 Optimized Desktop
Windows 7 Optimized DesktopWindows 7 Optimized Desktop
Windows 7 Optimized DesktopIT Masterclasses
 
VDI and Application Virtualization
VDI and Application VirtualizationVDI and Application Virtualization
VDI and Application VirtualizationJames W. De Rienzo
 

What's hot (20)

4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User Experience4 Best Practices for Delivering Exceptional VDI User Experience
4 Best Practices for Delivering Exceptional VDI User Experience
 
Ensure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View DeploymentsEnsure The Success of VMware Horizon View Deployments
Ensure The Success of VMware Horizon View Deployments
 
Monitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOMMonitor & Manage Citrix App Performance Using Microsoft SCOM
Monitor & Manage Citrix App Performance Using Microsoft SCOM
 
Bus Tour Windows 7 Deck (Full)
Bus Tour   Windows 7 Deck (Full)Bus Tour   Windows 7 Deck (Full)
Bus Tour Windows 7 Deck (Full)
 
My Application is Slow | Best Practices for Troubleshooting and Prevention
My Application is Slow | Best Practices for Troubleshooting and PreventionMy Application is Slow | Best Practices for Troubleshooting and Prevention
My Application is Slow | Best Practices for Troubleshooting and Prevention
 
Predicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile World
 
Ensuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint Management
 
World Wide Technology Tec37 Webinar - Deploy and Manage Windows 10 at Scale v1
World Wide Technology Tec37 Webinar -  Deploy and Manage Windows 10 at Scale v1World Wide Technology Tec37 Webinar -  Deploy and Manage Windows 10 at Scale v1
World Wide Technology Tec37 Webinar - Deploy and Manage Windows 10 at Scale v1
 
How to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationsHow to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET Applications
 
Novell Service Desk overview
Novell Service Desk overviewNovell Service Desk overview
Novell Service Desk overview
 
A Better Solution Limited Corporate Presentation
A Better Solution Limited Corporate PresentationA Better Solution Limited Corporate Presentation
A Better Solution Limited Corporate Presentation
 
Novell service desk gwava con
Novell service desk gwava conNovell service desk gwava con
Novell service desk gwava con
 
VMware End-User-Computing Best Practices Poster
VMware End-User-Computing Best Practices PosterVMware End-User-Computing Best Practices Poster
VMware End-User-Computing Best Practices Poster
 
E G Innovations Vdi Monitoring
E G Innovations Vdi MonitoringE G Innovations Vdi Monitoring
E G Innovations Vdi Monitoring
 
So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
 
Cisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaperCisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaper
 
Windows 7 Optimized Desktop
Windows 7 Optimized DesktopWindows 7 Optimized Desktop
Windows 7 Optimized Desktop
 
ENPAQ Brochure
ENPAQ BrochureENPAQ Brochure
ENPAQ Brochure
 
VDI and Application Virtualization
VDI and Application VirtualizationVDI and Application Virtualization
VDI and Application Virtualization
 

Viewers also liked

Backup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and DirectorsBackup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and DirectorsLucy Denver
 
Sanctuary Device Control
Sanctuary Device ControlSanctuary Device Control
Sanctuary Device ControlHassaanSahloul
 
Lumension Security Solutions
Lumension Security SolutionsLumension Security Solutions
Lumension Security SolutionsHassaanSahloul
 
NYC Identity Summit Tech Day: Authorization for the Modern World
NYC Identity Summit Tech Day: Authorization for the Modern WorldNYC Identity Summit Tech Day: Authorization for the Modern World
NYC Identity Summit Tech Day: Authorization for the Modern WorldForgeRock
 
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...CA Technologies
 
Zalando - The Big Switch - ForgeRock Identity Summit 2015
Zalando - The Big Switch - ForgeRock Identity Summit 2015Zalando - The Big Switch - ForgeRock Identity Summit 2015
Zalando - The Big Switch - ForgeRock Identity Summit 2015Jan Löffler
 
Data backup and disaster recovery
Data backup and disaster recoveryData backup and disaster recovery
Data backup and disaster recoverycatacutanjcsantos
 
private, public and global enterprises
private, public and global enterprisesprivate, public and global enterprises
private, public and global enterprisesSruthy Ajith
 
Disaster Recovery & Data Backup Strategies
Disaster Recovery & Data Backup StrategiesDisaster Recovery & Data Backup Strategies
Disaster Recovery & Data Backup StrategiesSpiceworks
 
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...CA Technologies
 
Hadoop Backup and Disaster Recovery
Hadoop Backup and Disaster RecoveryHadoop Backup and Disaster Recovery
Hadoop Backup and Disaster RecoveryCloudera, Inc.
 

Viewers also liked (12)

Backup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and DirectorsBackup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and Directors
 
Sanctuary Device Control
Sanctuary Device ControlSanctuary Device Control
Sanctuary Device Control
 
Lumension Security Solutions
Lumension Security SolutionsLumension Security Solutions
Lumension Security Solutions
 
NYC Identity Summit Tech Day: Authorization for the Modern World
NYC Identity Summit Tech Day: Authorization for the Modern WorldNYC Identity Summit Tech Day: Authorization for the Modern World
NYC Identity Summit Tech Day: Authorization for the Modern World
 
Penberthy
PenberthyPenberthy
Penberthy
 
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...
Business-Aligned Enterprise Security – Driving Success in the Face of Shifti...
 
Zalando - The Big Switch - ForgeRock Identity Summit 2015
Zalando - The Big Switch - ForgeRock Identity Summit 2015Zalando - The Big Switch - ForgeRock Identity Summit 2015
Zalando - The Big Switch - ForgeRock Identity Summit 2015
 
Data backup and disaster recovery
Data backup and disaster recoveryData backup and disaster recovery
Data backup and disaster recovery
 
private, public and global enterprises
private, public and global enterprisesprivate, public and global enterprises
private, public and global enterprises
 
Disaster Recovery & Data Backup Strategies
Disaster Recovery & Data Backup StrategiesDisaster Recovery & Data Backup Strategies
Disaster Recovery & Data Backup Strategies
 
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...
Case Study: Dell - APIs and Microservices for Cloud-Native Application Archit...
 
Hadoop Backup and Disaster Recovery
Hadoop Backup and Disaster RecoveryHadoop Backup and Disaster Recovery
Hadoop Backup and Disaster Recovery
 

Similar to Securing Your Infrastructure: Identity Management and Data Protection

Go Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center TechnologiesGo Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center Technologiesdoan_slideshares
 
Gateway RIMS (Remote Infrastructure Management Services)
Gateway RIMS (Remote Infrastructure Management Services)Gateway RIMS (Remote Infrastructure Management Services)
Gateway RIMS (Remote Infrastructure Management Services)sonnysonare
 
Mms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server InfrastructureMms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server Infrastructureguestd9aa5
 
Enterprise Management with Microsoft Technologies
Enterprise Management with Microsoft TechnologiesEnterprise Management with Microsoft Technologies
Enterprise Management with Microsoft TechnologiesAmit Gatenyo
 
Intergen Twilight Seminar: Infrastructure Management made easy
Intergen Twilight Seminar: Infrastructure Management made easyIntergen Twilight Seminar: Infrastructure Management made easy
Intergen Twilight Seminar: Infrastructure Management made easyIntergen
 
Res Software In Healthcare
Res Software In HealthcareRes Software In Healthcare
Res Software In Healthcarejckirby
 
Res Software In Healthcare
Res Software In HealthcareRes Software In Healthcare
Res Software In Healthcarejckirby
 
IBM Smarter Business 2012 - PureSystems - PureData
IBM Smarter Business 2012 - PureSystems - PureDataIBM Smarter Business 2012 - PureSystems - PureData
IBM Smarter Business 2012 - PureSystems - PureDataIBM Sverige
 
benefits of SQL Server 2008 R2 Enterprise Edition
benefits of SQL Server 2008 R2 Enterprise Editionbenefits of SQL Server 2008 R2 Enterprise Edition
benefits of SQL Server 2008 R2 Enterprise EditionTobias Koprowski
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaMicrosoft Singapore
 
Support you Microsoft cloud with Microsoft services By Anis Chebbi)
Support you Microsoft cloud with Microsoft services By Anis Chebbi)Support you Microsoft cloud with Microsoft services By Anis Chebbi)
Support you Microsoft cloud with Microsoft services By Anis Chebbi)TechdaysTunisia
 
Microsoft sccm 2012 seminar ddls sydney 22 nov 2012
Microsoft sccm 2012 seminar   ddls sydney 22 nov 2012Microsoft sccm 2012 seminar   ddls sydney 22 nov 2012
Microsoft sccm 2012 seminar ddls sydney 22 nov 2012DDLS
 
Maximizing Virtualization ROI
Maximizing Virtualization ROIMaximizing Virtualization ROI
Maximizing Virtualization ROIstanyarbrough
 
9sept2009 fujitsu
9sept2009 fujitsu9sept2009 fujitsu
9sept2009 fujitsuAgora Group
 
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready) ...
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready)  ...110531 newlease heads in the clouds feet on the ground v2.0 (partner ready)  ...
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready) ...New Lease
 
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloud
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloudPre-TechEd EMEA 2012 - SCOM 2012 Down in the cloud
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloudwwwally
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?doan_slideshares
 

Similar to Securing Your Infrastructure: Identity Management and Data Protection (20)

Go Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center TechnologiesGo Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center Technologies
 
Gateway RIMS (Remote Infrastructure Management Services)
Gateway RIMS (Remote Infrastructure Management Services)Gateway RIMS (Remote Infrastructure Management Services)
Gateway RIMS (Remote Infrastructure Management Services)
 
Mms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server InfrastructureMms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server Infrastructure
 
Enterprise Management with Microsoft Technologies
Enterprise Management with Microsoft TechnologiesEnterprise Management with Microsoft Technologies
Enterprise Management with Microsoft Technologies
 
Intergen Twilight Seminar: Infrastructure Management made easy
Intergen Twilight Seminar: Infrastructure Management made easyIntergen Twilight Seminar: Infrastructure Management made easy
Intergen Twilight Seminar: Infrastructure Management made easy
 
Res Software In Healthcare
Res Software In HealthcareRes Software In Healthcare
Res Software In Healthcare
 
Res Software In Healthcare
Res Software In HealthcareRes Software In Healthcare
Res Software In Healthcare
 
IBM Smarter Business 2012 - PureSystems - PureData
IBM Smarter Business 2012 - PureSystems - PureDataIBM Smarter Business 2012 - PureSystems - PureData
IBM Smarter Business 2012 - PureSystems - PureData
 
benefits of SQL Server 2008 R2 Enterprise Edition
benefits of SQL Server 2008 R2 Enterprise Editionbenefits of SQL Server 2008 R2 Enterprise Edition
benefits of SQL Server 2008 R2 Enterprise Edition
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
 
Support you Microsoft cloud with Microsoft services By Anis Chebbi)
Support you Microsoft cloud with Microsoft services By Anis Chebbi)Support you Microsoft cloud with Microsoft services By Anis Chebbi)
Support you Microsoft cloud with Microsoft services By Anis Chebbi)
 
Verve Nms
Verve NmsVerve Nms
Verve Nms
 
Microsoft sccm 2012 seminar ddls sydney 22 nov 2012
Microsoft sccm 2012 seminar   ddls sydney 22 nov 2012Microsoft sccm 2012 seminar   ddls sydney 22 nov 2012
Microsoft sccm 2012 seminar ddls sydney 22 nov 2012
 
Maximizing Virtualization ROI
Maximizing Virtualization ROIMaximizing Virtualization ROI
Maximizing Virtualization ROI
 
9sept2009 fujitsu
9sept2009 fujitsu9sept2009 fujitsu
9sept2009 fujitsu
 
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready) ...
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready)  ...110531 newlease heads in the clouds feet on the ground v2.0 (partner ready)  ...
110531 newlease heads in the clouds feet on the ground v2.0 (partner ready) ...
 
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloud
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloudPre-TechEd EMEA 2012 - SCOM 2012 Down in the cloud
Pre-TechEd EMEA 2012 - SCOM 2012 Down in the cloud
 
VAS - VMware CMP
VAS - VMware CMPVAS - VMware CMP
VAS - VMware CMP
 
Manage engine it360
Manage engine it360Manage engine it360
Manage engine it360
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
 

More from Lumension

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Lumension
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Lumension
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftLumension
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskLumension
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateLumension
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Lumension
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Lumension
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskLumension
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesLumension
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksLumension
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT RiskLumension
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...Lumension
 

More from Lumension (20)

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You?
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize Risk
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant Vulnerabilities
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security Risks
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
 

Recently uploaded

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Muhammad Tiham Siddiqui
 
2024.03.12 Cost drivers of cultivated meat production.pdf
2024.03.12 Cost drivers of cultivated meat production.pdf2024.03.12 Cost drivers of cultivated meat production.pdf
2024.03.12 Cost drivers of cultivated meat production.pdfThe Good Food Institute
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FESTBillieHyde
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)IES VE
 
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechWebinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechProduct School
 
Novo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNovo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNeo4j
 
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTSIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTxtailishbaloch
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxSatishbabu Gunukula
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...DianaGray10
 
Scenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosScenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosErol GIRAUDY
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3DianaGray10
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and businessFrancesco Corti
 
CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024Brian Pichman
 
Patch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updatePatch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updateadam112203
 
3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud Data3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud DataEric D. Schabell
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIVijayananda Mohire
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.IPLOOK Networks
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch TuesdayIvanti
 
IT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced ComputingIT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced ComputingMAGNIntelligence
 

Recently uploaded (20)

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)
 
2024.03.12 Cost drivers of cultivated meat production.pdf
2024.03.12 Cost drivers of cultivated meat production.pdf2024.03.12 Cost drivers of cultivated meat production.pdf
2024.03.12 Cost drivers of cultivated meat production.pdf
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FEST
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)
 
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechWebinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
 
Novo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNovo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4j
 
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENTSIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
SIM INFORMATION SYSTEM: REVOLUTIONIZING DATA MANAGEMENT
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...
 
Scenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosScenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenarios
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and business
 
CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024
 
Patch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updatePatch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 update
 
3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud Data3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud Data
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
 
IT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced ComputingIT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced Computing
 

Securing Your Infrastructure: Identity Management and Data Protection

  • 1. Securing Your Infrastructure Privileged Identity Management and Data Protection Microsoft Lieberman Software Lumension
  • 2. Introductions Martin Buckley System Center Strategic Alliances Microsoft Corp Martin.Buckley@microsoft.com
  • 3. Agenda • Introduction • Infrastructure Security Challenges and the Business Impact • Introducing Microsoft System Center • Lieberman Enterprise Random Password Manager™ for System Center • Lumension Device Control for System Center™ • Summary and Next Steps
  • 4. Infrastructure Security Challenges Increased Access Increased Security  Always on, always  Advanced, multi-level attacks connected  Hacks motivated by criminal  Demands for increased profit access to information  Phishing and social  Communicate with engineering hacks wrapped in partners, employees, outs technology ourcers, and customers  Need to secure new types of  Regulatory requirements devices and storage for transparency  Need to enforce and audit compliance Managing the tension between accessibility and security
  • 5. Business Impact What Can Our Integrated Security Solution Do For Your Business? Keep Your IT Up and Running Protect Your Data Keep company data private and Manage systems, data and devices secure by preventing common across the organization. breaches. Save time through increased system Control and audit access to performance while enabling privileged systems, devices and collaboration across boundaries. applications. Reduce security risks by storing data Be confident that sensitive centrally on your company network. information is treated with integrity. Improve data protection with Store and back up data to eliminate consistent tools and processes to worry about data loss. protect vital assets.
  • 6. Introducing Microsoft System Center Martin Buckley, Strategic Alliances – System Center - Management & Services Division
  • 7. Industry Trends Macro Trends Current Indicators Virtualization Acceleration • #1 CIO priority in 2008 (up from #17) Compliance • CIOs expect 10% of IT budget to be dedicated to compliance IT Service Management • IT orgs can currently only correlate 30% of IT alerts to business problems Anywhere Access • Converged mobile phones (Smartphones) growing two times faster than mobile PCs 22% New Software as a Service • >1/3 of TDMs interested in using SaaS to support customer-facing business processes 78% Maintenance Data Center Build Outs • 74% of enterprises mandate all servers must reside in the data center Implication • 78% of IT budgets spent on maintenance activities, trends increase pressure
  • 8. System Center Solutions: People, Process, & Technology Management Packs Connectors for Interoperability Knowledge Solution Accelerators Microsoft Operations Framework (MOF/ITIL) Partner Ecosystem Microsoft Consulting Services Data Center Management Solutions Products Desktop & Device Management Infrastructure Windows Platform Virtualization Technology Open Standards Mid-Market
  • 9. Virtualization Managing a virtualized infrastructure with a common management platform Profile Virtualization Document redirection Offline files Presentation Server Virtualization Virtualization Desktop Application Virtualization Virtualization
  • 10. Data Center Management Solutions Configuration End to End Server Data Protection Management Monitoring Compliance and Recovery Business Continuity Automated Proactive Platform Configuration Through Provisioning Monitoring Controls and Virtualization and Updating Application & Reporting Mgmt of Physical Service Level Centralized and Virtual Backup Monitoring Security Auditing Environments and Recovery of Interoperable Comprehensive Physical and Virtual Server and Extensible Security & Identity Resources Consolidation Platform and Access Mgmt Through Disaster Recovery Virtualization
  • 11. Configuration Management Automated provisioning and server consolidation through virtualization • Power, space and maintenance costs Challenges forcing more efficient use of resources Addressed • Dispersed servers and applications difficult to manage and update • Manage virtual machines to consolidate physical servers Key • Provision operating Capabilities systems, applications, and patches in the data center ―We understood that if we consolidated servers we would reduce energy consumption. [System Center is a] one-stop, single-point approach to managing hundreds of Virtual Server–based virtual machines and all the hosts, while also easily performing physical- to-virtual migrations.‖ - Jason Foster, Systems Architect Sr. Manager of Technology, Continental
  • 12. End to End Monitoring Proactive platform, application and service-level monitoring • IT services, applications and Challenges servers must run smoothly ERP Application Addressed • Increasing pressure for service levels that ensure optimal uptime and responsiveness • Proactively monitor Databases Servers Web Servers availability, performance and configuration across heterogeneous platforms Key Capabilities • Perform deep application and Order Tracker DB DN-App1 OTW-IIS-01 OTW-IIS-02 service-level monitoring ―I can provide our system administrators with more in-depth monitoring and more explicit alerting. We can configure server reports to show downtime warnings, downtime events, and the start time and end time of every occurrence. We can also quickly learn why a server experienced downtime—whether it was a power outage, a hardware or software malfunction, or a server maintenance issue.‖ Paul Johnson, Windows Monitoring Architect & Systems Engineer, Gates Corp
  • 13. Server Compliance Configuration controls and centralized audit of system security • Increasing compliance and audit requirements Challenges associated with business policies and regulatory requirements Addressed • Security pressures in the data center • Create, maintain and report on configuration controls for the data center environment Key • Gather and report security related events Capabilities • Manage identities and access and improve security in the data center ―SAS 70 is a huge initiative for us with regard to our data centers and all of our applications, and SOX is obviously important as well. With [System Center] my team has reduced the amount of time that we spend collecting security log information. For example, we just completed an investigation and pulled the security report in less than 5 minutes. In the past it would have taken days.‖ Jeff Skelton, Manager, Enterprise Management Center, Stewart
  • 14. Data Protection and Recovery Backup & restore and business continuity through virtualization mgmt Backup and Restore • High availability and business continuity needed Challenges to meet service levels and optimal uptime Addressed • Simple disaster recovery and backup & restoration of data and information • Dynamically replicate and move virtual machines and applications to distribute workloads in the event of an outage Key • Recover and restore the physical and Capabilities virtual environments in the data center through continuous data protection Data Center A Data Center B “We really liked the looks of [System Center] for three key reasons, its disk- to-disk-to-tape design, the fact that we could eliminate full backups altogether and simply take snapshots, and its disaster recovery features.‖ Ed Olson, Lead Windows Infrastructure Engineer, AutoNation
  • 15. Desktop Management Solutions Streamlined Application Optimized Client Health Ease User Access Without and Desktop Delivery and Performance Compromise Adaptive Application Client Infrastructure End-Point Security Delivery Monitoring Management Managed client Client health monitoring Enforced compliance with application delivery via and proactive issue system health policy traditional and virtual identification definitions via remediation methods Simplified Windows Remote PC Diagnostics & Configuration Vista Deployment Repair Compliance Automated OS Zero-touch remote Assess systems deployment via image diagnosis and remediation compliance against standardization with Intel® vProTM established configuration baselines
  • 16. Adaptive Application Delivery Managed client application delivery via traditional and virtual methods • Application compatibility and run time conflicts complicate deployments and regression testing Data, User Challenges settings Addressed • New delivery models make asset inventory and reporting difficult Application Application • Natively deploy virtual applications to reduce or eliminate runtime conflicts OS Key • Separate user state from computer hardware, OS, application data and user Capabilities settings for anywhere access Hardware • Centrally manage traditional, virtual and streamed applications from a single console “We have significantly accelerated the testing of new programs by using virtualization. There are no more installs, and virtualized programs have no effect on the operating system or other applications.” - Frank Walburg, Department Manager of Desktop Software Services, BASF IT Services
  • 17. Simplified Windows Vista/7 Deployment Automated OS deployment via image standardization • Multiple hardware, OS and application configurations cause costly deployments Challenges Addressed • Offline and low bandwidth environments make automated deployment methods less effective • Streamline Windows Vista deployment planning thru hardware assessment and application compatibility testing Key • Standardize on a single hardware Capabilities independent image to reduce OS deployment complexity • Deployment support for highly distributed environments “Deploying a new infrastructure and installing operating systems, applications, and drivers on thousands of computers across 50 locations and several countries, all within a year, is a massive task…we’re succeeding—and Configuration Manager is an essential part of our success.” -- Poul Westmose, Chief Technology Officer, DONG Energy
  • 18. Client Infrastructure Monitoring Client health monitoring and proactive issue identification • Majority of hardware, application and OS crashes unreported until large number of Challenges end users impacted Addressed • Configuration and user setting changes impact performance and security standards • Proactively monitor and identify OS, application and hardware issues to minimize support costs and impact to end-user productivity Key • Report on configuration compliance and Capabilities collective system health to identify trends • Improve reliability and security by reducing configuration drift “We catch problems before our users see them. That’s a significant way to contribute to our mission.” - Xavier Coppin, Systems Engineer, Skyguide.
  • 19. Remote PC Diagnostics and Repair Zero-touch remote diagnosis and remediation with Intel® vProTM • Troubleshooting and repairing PCs is mostly a Challenges manual and costly effort Addressed • PCs that are powered off or that won‟t boot cannot be diagnosed or repaired • Accelerate problem resolution time with diagnostic, configuration and performance monitoring tools Key • Reduce onsite service calls with zero touch Capabilities remote management, including PCs that won‟t boot or are powered off “Having the ability to wake devices up and run updates via a standard technology…will only enhance the security posture that the VA has been working to meet” - Charles de Sanno, Executive Director of Enterprise Technology and IT Engineering, Veterans Affairs Department
  • 20. End-Point Security Management Enforced compliance with system health policy definitions via remediation • Mobile and distributed users present Policy Servers e.g.., Patch, AV Challenges unique network security and compliance challenges Microsoft Addressed NPS 3 • Must identify vulnerabilities, enforce policies and remediate threats Not policy compliant 5 Remediation • Provide secure access across your 2 Restricted Network Servers e.g.,Patch remote, LAN and wireless connections Policy compliant Key • Automatically assess vulnerabilities 4 and security compliance DHCP, VPN Capabilities Switch/Router Corporate Network • Enable automatic enforcement and remediation of security parameters to ensure ongoing compliance “We envision an IT environment that’s easy to maintain, with computers that automatically download updates and other required software every time they boot up, from the first day they’re on the network” - Noah Johnson, Senior Systems Engineer, Freightliner
  • 21. Configuration Compliance Assess systems compliance against established configuration baselines • Misconfigured desktops represent compliance and security risks Challenges Addressed • Desktop configuration drift (settings changes, account permissions, etc.) from multiple administrators changing policies • Create, maintain and report on configuration controls for your desktop environments Key • Automate process for desired Capabilities configuration management • Utilize best practices built directly into the solution “We’ll have our first-ever 100 percent compliance and lock-down, which translates into greater reliability and availability, better helpdesk operations, and faster and smoother updates and deployments, because we’ll be building on up-to-date, same- state servers, workstations, and devices.” - Richard Page, IT Project Manager, Shoprite
  • 22. Core Infrastructure Optimization Basic Standardized Rationalized Dynamic Uncoordinated, manual Managed IT Managed and Fully automated infrastructure infrastructure with consolidated IT management, limited automation infrastructure with dynamic resource maximum automation usage, business linked SLA‟s Dynamic IT Cost Center More Efficient Business Enabler Strategic Asset Cost Center Manage Complexity and Achieve Agility
  • 23. Managing Complexity Customer success stories Basic Standardized Rationalized Dynamic Simplified Vista Server Consolidation Data Protection and Deployment Recovery Danish Saved $500K in Reduced server costs Foreign by $2M per year Reduced back-up deployment costs Ministry times by 50% Configuration Management Configuration Management Client Infrastructure Monitoring Cut helpdesk MEGA PHARMA costs by 35% Cut update time by 90% Cut deployment time by 73% Dynamic IT
  • 24. Dynamic IT Management • Use knowledge- • Improve visibility and based, automated in-line control through tasks to deliver integrated management rapid, high quality service • Manage multi-hypervisor technologies and • Maximize the use of the monitor cross-platform IT department’s existing environments Windows Server expertise • Out of the box, build on • Reduce complexity deep domain knowledge through seamless from both Microsoft and management of logical IT our strong partner environments community • Manage your virtual • Implement templated environments down to the best practices through application level Solution Accelerators
  • 25. Enterprise Random Password Manager Philip Lieberman, President and CEO
  • 26. Who We Are: Lieberman Software • Privileged Identity Management Software for Windows and the Cross-Platform Enterprise • HQ in Los Angeles with marketing and support office in Austin • Privately Owned, Profitable, 100% USA-based • Followed by Gartner, Forrester, 451 Group, Kuppinger-Cole (EMEA) • Technical partnerships include: Microsoft, Oracle, HP, IBM, EMC/RSA, Novell, Red Hat, 1900 Avenue of the Stars, Los Angeles BMC Software, nCipher Headquarters Office • Over 900 Enterprise Customers in every industry, in all regions of the world
  • 27. Privileged Accounts: What Are The Risks? • Do you know where all of your • Who is sharing credentials? privileged accounts are? Are they accountable? • Do the wrong people have • Will you pass your next IT access to sensitive data? audit? • Are privileged accounts being • Will your passwords fail to used for tasks that don’t withstand dictionary and social require them? attacks?
  • 28. Privileged Accounts: Mitigating The Risks • Identify and document critical IT assets, their privileged accounts and interdependencies. • Delegate so that only appropriate personnel can access privileged accounts in a timely manner, using the least privilege required, with documented purpose, during designated times. • Enforce rules for password strength, uniqueness and change frequency, synchronizing changes across dependencies. • Audit and Alert so that the requesters, purpose and requested duration are documented and management is made aware of unusual access and other events.
  • 29. Protecting Corporate Assets Datacenter Deployment
  • 30. Datacenter Deployment New servers and applications have been deployed in the datacenter. The team must confirm that all privileged accounts on these systems are secured as required by compliance standards.
  • 31. Datacenter Deployment You launch Enterprise Random Password Manager… …and verify in the Windows Systems View that ERPM has already discovered these systems.
  • 32. Datacenter Deployment You switch to the Account Store Discovered accounts include View, expand a node for one of the Windows Administrator new servers, and view all of the accounts and privileged privileged accounts detected on the accounts used by services and system. applications.
  • 33. Datacenter Deployment You right-click a local Administrator account on the server and choose Properties from the context menu.
  • 34. Datacenter Deployment The Properties window confirms that Enterprise Random Password Manager has already deployed new password credentials.
  • 35. Datacenter Deployment Now authorized personnel can get privileged access to these servers by clicking Favorite Tasks in the SCOM / SCCM Computers node.
  • 36. Datacenter Deployment Privileged access is granted through permissions already configured in the company’s Role-Based Access Control system… … and when an IT staff member clicks Recover….
  • 37. Datacenter Deployment … he is prompted to type the reason for the password recovery request so there’s an audit trail.
  • 38. Datacenter Deployment A password is then provided through the SCOM /SCCM interface for one-time use. Immediately after use, the password will be changed according to the company’s configured policy.
  • 39. Results • You now have an authoritative list of privileged accounts on the new servers. • The account credentials are secured and will be changed according to a schedule policy. • Authorized IT staff can quickly access these systems without taking authorizers’ time. • All requests for privileged access are audited. • Your team meets its mandate to secure the newly-deployed hardware.
  • 40. Making IT Staff More Efficient Preparing for an IT Audit
  • 41. Preparing for an IT Audit IT staff have limited time to prepare for a critical Audit. The requirements list is long…
  • 42. Preparing for an IT Audit IT staff must show that:* 1. Administrator passwords are changed every 90 days. 2. There are no group, shared, or generic privileged accounts or passwords. 3. Access rights are restricted to least privileges required. 4. Inactive privileged accounts are removed or disabled every 90 days. 5. Privileged access is immediately revoked for all terminated users. 6. All system components are covered by password security policies. 7. Vendors’ remote maintenance accounts are enabled only during time periods needed. 8. All vendor-supplied passwords are changed before systems are deployed. 9. Automated audit trails are implemented for all system components. *Typical PCI DSS requirements
  • 43. Preparing for an IT Audit You launch Enterprise Random Password Manager… First, let’s prove that all privileged account passwords are changed at least every 90 days.
  • 44. Preparing for an IT Audit … and open the Windows Accounts View to see a list of Views can also be sorted by privileged system name, account passwords, name, and so on. sorted by age. You then click Compliance...
  • 45. Preparing for an IT Audit … to create an HTML- formatted report that shows the last password change date for all systems on your network. You’ve documented that ERPM is changing all privileged passwords according to regulatory requirements.
  • 46. Preparing for an IT Audit Next, let’s prove that there are no group, shared, or generic privileged accounts or passwords on your production network… … that no systems fail to comply with regulatory requirements for privileged passwords… … and that any vendor- supplied passwords on newly- deployed systems or applications have been discovered and changed.
  • 47. Preparing for an IT Audit With a few more clicks, you create a new report showing a total of 19 systems on your network that don’t have unique, complex, and frequently changed privileged credentials enforced by ERPM. Fortunately these are all lab systems, not on the production domain, that don’t need to comply.
  • 48. Preparing for an IT Audit Next, let’s document that IT personnel are accessing privileged accounts on a need to know basis. This is a common requirement of many regulatory standards.
  • 49. Preparing for an IT Audit Start by choosing whether to create a report by account, system, or user...
  • 50. Preparing for an IT Audit This report shows the history, by user, of every password check-out request. It shows the day, time, system, account, and stated purpose to verify the need for each access.
  • 51. Preparing for an IT Audit ERPM also manages and reports user access by Remote Desktop Connection. This feature is commonly used to grant temporary, audited access to vendors and contractors.
  • 52. Results • The organization demonstrates that it has auditing controls in place to manage privileged access. • Preparations for IT audits are completed far more efficiently. • Audit results are far more predictable.
  • 53. ERPM for Systems Center Ops Manager Internal & External Credential Use Management • Inventories all SCOM credential usage • Continuously updates/randomizes credentials on all external systems, devices and applications so there is no common credential for access to all systems • Propagates new passwords back to SCOM “Run As” accounts, agents, services, etc. • SCOM “Run As” accounts maintain access to cross- platform and un-trusted systems • Access credentials in SCOM and components are updated in compliance with IT regulatory mandates • No more manual updating of systems, agents and services
  • 54. ERPM for System Center Config Manager Fire Call Password Retrieval in SCOM/SCCM • An Agent-less process deploys unique, frequently changing administrator / root account passwords to all machines (Windows, Linux, UNIX, appliances, etc.) • No one knows current administrator / root passwords until they’re retrieved through audited check-out • Role-based approvals expedite the password retrieval process • Retrieved passwords are time-limited • Activity and operations reports are accessible through a web-based console
  • 55. Lumension Device Control for System Center TM
  • 56. Lumension‟s History Established: Sept „07 Founded in 1991 Acquired: Feb „07 Acquired: July „07 Acquired: April „09 Market-leading Enterprise-class Market-leading Compliance and Risk patch management vulnerability device and Management. management application control First cross-platform Delivering predefined and application First credentialed First to introduce compliance and patch management based vulnerability whitelisting / control frameworks solution scanner patented file “shadowing” technology
  • 57. Worldwide Presence & Recognition Offices Worldwide Strong Partner Base (400+ Worldwide) More than 5,100 customers in 68 countries Award-Winning
  • 58. Strong Microsoft Partner Lumension is a Long-term Microsoft Gold Partner • Both PatchLink and SecureWave held Gold Partner status • Lumenion has continued Gold Partner status • Competencies: • Advanced Infrastructure Solutions • Data Management Solutions • ISV/Software Solutions System Center Alliance Member • Announcement forth coming US ISV Managed Partner Program Product line built on Microsoft Technologies: • Primary development environment - TFS • Products developed/delivered on Microsoft Technology: • Microsoft .NET • Microsoft Server • Microsoft SQL Server
  • 59. Lumension Solution Portfolio Lumension® Solutions Lumension® Lumension® Lumension® Lumension® Vulnerability Endpoint Data Protection Compliance and Management™ Protection Risk Management Lumension® Patch and Lumension® Application Lumension® Device Remediation Control Control Lumension® Risk Manager (PatchLink Update) (Sanctuary Application Control) (Sanctuary Device Control) Lumension® Scan Products (STAT Scan) PGP® Lumension® Enterprise Whole Disk Encryption Lumension® Security Reporting (Resell) (PatchLink ERS) Configuration Management (PatchLink SCM) Lumension® Device Lumension® Content Control for System Wizard Center (PatchLink PDK) 60
  • 60. Lumension Solution Portfolio Lumension® Solutions Lumension® Lumension® Lumension® Lumension® Vulnerability Endpoint Data Protection Compliance and Management™ Protection Risk Management Lumension® Patch and Lumension® Application Lumension® Device Remediation Control Control Lumension® Risk Manager (PatchLink Update) (Sanctuary Application Control) (Sanctuary Device Control) Lumension® Scan Products (STAT Scan) PGP® Lumension® Enterprise Whole Disk Encryption Lumension® Security Reporting (Resell) (PatchLink ERS) Configuration Management (PatchLink SCM) Lumension® Device Lumension® Content Control for System Wizard Center (PatchLink PDK) 61
  • 61. The Borderless Enterprise Data has moved beyond the enterprise firewall: Laptops / Home Offices USB Sticks / WiFi / VPN and more…
  • 63. Increasing Internal Risk Insiders have direct access to 70% of all serious incidents your most sensitive data are sparked by insiders. IDC Worldwide Security Products and Services 2007 Top 10 Predictions Lost Laptops Disgruntled P2P File Sharing & Devices Employees Software 48% of users utilize company tools for personal usage.
  • 64. Business Challenges Minimizing Data Leakage Risk: Data Leakage via internal and/or external sources, be it accidental or intentional, is the biggest gap. The Cost of Compliance: Bewildering array of National, State and Industry laws and regulations with costly Data Protection implications. Enabling Productivity: Data sharing via removable devices enables cost-cutting measures but is a risk that can’t be ignored.
  • 65. Lumension Data Protection Policy-Based, Encryption-Enabled Data Protection. • Protect Data from Leakage and Theft: Enforce usage policies for all removable devices and media. Lumension Data Protection • Increase Data Security: Define forced encryption policy for data flows onto removable Lumension Device Control (LDC) devices / media. Flexible exception management. • Improve Compliance: Policy-enforced encryption on removable devices to ensure that Lumension Device Control data cannot be accessed if removable devices or for Microsoft System Center (DCSC) media are lost or stolen. • Continuous Audit Readiness: Monitor all device usage and data transfers. Track all transferred files and content. Report on all data policy compliance and violations.
  • 66. Lumension Data Protection: Key Features Automates discovery of peripheral devices Always-on policy, centrally managed, kernel based driver Provides granular device control permission settings • By user, group, computer Flexible and powerful encryption options White-list allowable devices • By make, Serial Number, etc • Control Thumb Drives, iPods, Blackberrys, CD/DVD,… Delivers detailed audit capabilities • Patented bi-directional “Shadowing” of data written to/from a device • All device access attempts • All administrator actions • Exact contents of file(s) copied/compromised.* Multiple hardware partnerships
  • 67. Why Customers Choose Lumension Tried and Proven: Over 1500 customers and 2 million licenses of Device Control Software Policy Enforcement: Highly granular policies enforced via kernel-level driver, whether on or off line Encryption: Centrally encrypt removable devices/media or force users to encrypt devices/media to ensure that data cannot be accessed if removable devices/media are lost or stolen. File Shadowing: Keep a copy of every file that is transferred to or from removable devices / media using patented bi-directional shadowing technology. * Scalability: Scalable deployment to an entire network with tamper-proof agents on every endpoint. * Future capability for Device Control for System Center
  • 68. Device Control for System Center (DCSC) Implementation of Lumension Device Control on Microsoft System Center Configuration Manager (SCCM) platform • No stand-alone LDC server/console required Provides market-leading LDC technology for SCCM customers: • Advanced management of all endpoint ports and removable devices/media • Policy based data encryption enforcement on devices/media • Endpoint protection from malware on devices/media Leverages key System Center technologies • SCCM Console (MMC, UI, workflow) • SMS (agent/policy deployments) • WMI (monitoring and report information) First and only Device Control for SCCM Currently at Release Candidate 1 (RC1) • GA Announcement: TechEd Europe (09Nov2009)
  • 69. DCSC Value to Microsoft System Center Customers Leverages SCCM Extends SCCM Eliminates costs of stand- Enforce data/port policies alone DC point solution for removable devices Accelerates deployment of Enforce data encryption DC security/audit benefits policies on range of devices Aligns with existing SCCM Prevents malware intrusion environment via removable media • Decreased IT complexity • Security-Optimized Infrastructure • Increased ROI for System Center 70
  • 71. Microsoft, Lieberman, & Lumension Compliance and Data Protection Privileged Identity Mgmt Data Leakage Prevention • Shared password account mgmt • Granular device/port control • Protects policy mgmt privileges policies prevent data leakage Enterprise Random Device Control for Password Manager System Center
  • 72. Overcome Infrastructure Security Challenges Mitigate security risks Create automated, audited from hackers or processes to increase IT unauthorized intruders staff productivity Ensure compliance Protect against data Leverage existing IT with privacy mandates loss, theft or infrastructure with like PCI DSS corruption superior integration …while continuing to provide high quality, uninterrupted service.
  • 73. Next Steps • Discussion – to better understand your needs • Discovery – to better understand your infrastructure • Demonstration – to show you Microsoft System Center, Enterprise Random Password Manager ™ and Lumension Device Control for System Center™ • Evaluation – to install and evaluate the software at your site • Proof Of Concept – to test the products in-house • Contact us!